
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/BDiNQGp6uvky-DDtUcQLdosEYN0.roa
File: BDiNQGp6uvky-DDtUcQLdosEYN0.roa (raw, json)
Hash identifier: 0NogRCUIsKCGCzPVQ8z3hPuWGX/QsuYho9QJ7QUnNSw=
Subject key identifier: 04:38:8D:40:6A:7A:BA:F9:32:F8:30:ED:51:C4:0B:76:8B:04:60:DD
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0199F0E933E8D39487315222D5353DBD9662
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/BDiNQGp6uvky-DDtUcQLdosEYN0.roa
Signing time: Fri 17 Oct 2025 06:43:58 +0000
ROA not before: Fri 17 Oct 2025 06:43:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.200.0/23 maxlen: 24
79.172.250.0/23 maxlen: 24
87.229.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f0:e9:33:e8:d3:94:87:31:52:22:d5:35:3d:bd:96:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Oct 17 06:43:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04388d406a7abaf932f830ed51c40b768b0460dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a2:6e:2b:dd:e0:1f:7f:ab:52:30:72:37:2e:
cf:9d:11:95:91:ef:1a:3d:75:d6:e7:23:18:59:3e:
b1:b7:6e:93:50:93:aa:46:81:78:91:75:7f:da:97:
7d:eb:99:ff:de:9b:b9:5e:7d:13:e2:a9:50:f9:87:
6a:1a:ec:a2:36:35:66:93:36:97:cb:b6:73:55:0d:
a6:5b:19:b6:fd:65:f1:9e:60:36:14:12:ca:71:58:
63:27:09:d3:44:18:d9:d0:4a:f7:10:ad:f8:f4:40:
19:31:a0:47:fa:9b:d2:6a:a5:2c:f7:74:27:9d:89:
1d:42:bf:96:bc:dd:69:1b:47:d8:8f:2b:db:0f:ed:
28:3d:8a:fe:6a:d7:1d:24:2c:04:25:b8:7d:1a:9a:
3e:d5:ff:9d:59:f6:12:24:3a:69:b9:04:d1:a1:31:
f0:a2:ea:72:c9:0b:dd:f4:67:8d:6a:b2:69:f9:b9:
84:62:d7:8f:e0:15:9a:97:ef:2f:88:95:75:21:d5:
70:3e:1c:d2:f1:b5:65:be:47:d8:e7:bb:e6:1c:82:
d5:b0:be:3d:f9:85:97:e0:57:8b:c3:4c:f3:21:14:
4d:9e:5f:45:49:75:fb:ef:b9:3f:17:dc:57:22:34:
21:bd:e2:1d:e8:59:fc:b4:db:b5:72:43:2c:04:28:
31:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:38:8D:40:6A:7A:BA:F9:32:F8:30:ED:51:C4:0B:76:8B:04:60:DD
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/BDiNQGp6uvky-DDtUcQLdosEYN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.200.0/23
79.172.250.0/23
87.229.8.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:8e:bf:83:f0:e3:c2:a1:33:68:14:74:ab:6d:16:d9:cb:22:
23:27:9e:ab:14:1d:ba:85:21:a7:f9:5a:34:05:74:0e:b3:34:
1e:c9:d4:fe:a2:5a:2f:b0:b2:ca:72:1b:63:2a:ec:9a:31:a2:
4c:22:ce:b1:f6:e1:f4:b1:ee:a5:8c:68:4b:84:5c:fb:b3:51:
29:04:d8:43:84:21:b3:7e:20:c4:cd:b5:8c:36:06:3f:53:2b:
64:49:cf:73:50:3a:ee:5e:b0:f3:16:46:c4:e7:c1:d1:02:d6:
19:a4:dd:1e:6a:94:01:63:ca:74:5a:bf:ff:17:00:e3:6e:d2:
21:c7:be:2d:8b:f1:f4:9d:71:44:13:ad:2d:2a:d3:aa:27:7f:
b6:d6:af:79:38:52:5a:44:0c:06:c4:21:4c:fc:b2:55:2f:74:
cd:1a:0e:b6:b6:e6:f7:09:91:3a:56:2d:f7:50:7a:55:d1:f4:
5f:0a:b1:ba:af:dd:4e:8c:4e:83:55:f8:5a:90:e2:65:16:e5:
d3:2e:7c:af:76:21:3c:c7:15:90:6c:e9:be:42:85:8b:3a:f7:
e1:28:a8:b2:b1:fb:38:cf:8f:d1:6d:c2:67:74:e7:5f:5f:4f:
0d:6a:90:90:bf:3e:14:96:9b:72:29:f2:e3:32:84:c8:12:4c:
05:e2:ca:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnw6TPo05SHMVIi1TU9vZZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUxMDE3MDY0MzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM4OGQ0MDZhN2FiYWY5MzJmODMwZWQ1MWM0MGI3NjhiMDQ2MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6JuK93gH3+rUjByNy7PnRGVke8a
PXXW5yMYWT6xt26TUJOqRoF4kXV/2pd965n/3pu5Xn0T4qlQ+YdqGuyiNjVmkzaX
y7ZzVQ2mWxm2/WXxnmA2FBLKcVhjJwnTRBjZ0Er3EK349EAZMaBH+pvSaqUs93Qn
nYkdQr+WvN1pG0fYjyvbD+0oPYr+atcdJCwEJbh9Gpo+1f+dWfYSJDppuQTRoTHw
oupyyQvd9GeNarJp+bmEYteP4BWal+8viJV1IdVwPhzS8bVlvkfY57vmHILVsL49
+YWX4FeLw0zzIRRNnl9FSXX777k/F9xXIjQhveId6Fn8tNu1ckMsBCgx8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAQ4jUBqerr5Mvgw7VHEC3aLBGDdMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvQkRpTlFHcDZ1dmt5LUREdFVjUUxkb3NFWU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBT6zIAwQB
T6z6AwQCV+UIMA0GCSqGSIb3DQEBCwUAA4IBAQCcjr+D8OPCoTNoFHSrbRbZyyIj
J56rFB26hSGn+Vo0BXQOszQeydT+olovsLLKchtjKuyaMaJMIs6x9uH0se6ljGhL
hFz7s1EpBNhDhCGzfiDEzbWMNgY/UytkSc9zUDruXrDzFkbE58HRAtYZpN0eapQB
Y8p0Wr//FwDjbtIhx74ti/H0nXFEE60tKtOqJ3+21q95OFJaRAwGxCFM/LJVL3TN
Gg62tub3CZE6Vi33UHpV0fRfCrG6r91OjE6DVfhakOJlFuXTLnyvdiE8xxWQbOm+
QoWLOvfhKKiysfs4z4/RbcJndOdfX08NapCQvz4UlptyKfLjMoTIEkwF4soG
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:46 2025 by rpki-client